The report examines the need for embedded cyber protection inside primary storage. It then offers crucial advice and a checklist on what cyber capabilities to consider when purchasing storage. 

Summary

Catalyst

Ransomware attacks pose a significant threat to primary storage, as they can encrypt and hold data hostage, rendering it inaccessible until a ransom is paid. Regular backups have been the go-to strategy for data restoration to deal with ransomware attacks that breakthrough preventative cyber defenses, allowing for the recovery of primary data from the most recent unaffected backup. However, a newer option is to use the features built into the primary storage to detect and recover from a ransomware attack that damages data. Point-in-time copies or storage snapshots have long been a mainstay of primary storage to create a history of data images for disaster recovery. These enhanced snapshots are now being used to restore data in a fail-safe way in the event of a ransomware attack that corrupts data.

Omdia view (user needs)

  • Most storage snapshots are inherently immutable, but this does not mean they are ready to be used for ransomware protection. Careful attention must be paid to ensure that certain aspects of the snapshots are fail-safe against ransomware attacks, leading to new capabilities such as indelibility (prevention of deletion).
  • A complete ransomware storage solution goes beyond immutable snapshots. It considers all the other aspects of protecting and hardening the storage within an environment (see the section below for a complete list).
  • From Omdia’s point of view, when protecting against ransomware, organizations should use a layered or multipronged approach. The best protection uses two logically separated mechanisms to make data copies, as ransomware tries to shut down data recovery mechanisms and typically corrupts or deletes all copies it can find unless the copies are immutable and/or indelible.
  • Beyond being simple to use, a complete ransomware storage solution also needs the proper tools to provide insight into how well the environment is protected. Artificial intelligence (AI) and machine learning (ML)-based tools can greatly help.
  • The process for recovery from a ransomware attack must be considered in any solution. The quicker and faster critical operating environments can be brought back online, the less money and reputation will be lost.

This content is free with registration!

Already subscribed? Continue Continue